Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Security screws have been tightened once more.

R

romanof

macrumors 6502
Original poster
Jun 13, 2020
361
387
Texas
Put 15.1 on today and that was a mistake. Suddenly, the screws have been tightened considerably. Nothing that is not approved of by Apple will run and the "Run Anyway" option is gone. Only stuff from Apple or Apple developers is allowed.

Since Macos is still BSD Unix underneath (mostly) that can be hacked through and I have, but this is a continuing push on me to get back to Linux and just consign my Mac to ordinary Internet tasks, in which case a cheap used Mini will do that job just fine.

If anybody cares, one bypass is

sudo spctl --master-disable

then change to the now visible Anywhere in settings/security, find the binary in the application blob and drop it into terminal. A PITA, but will allow one to get back to work until this is sorted out. If it ever is.

One would almost think that Apple believes that they still own my computer.
 
  • Like
Reactions: !!!
R

romanof

macrumors 6502
Original poster
Jun 13, 2020
361
387
Texas
Open Anyway was not there after upgrade to 5.1, until I ran the above command. And even with it appearing after the hack, clicking on open anyway still gets the Apple no-no message. The only way to run it is to drop the binary into terminal after the hack. (Seamonkey - a valid app from that has been around a long time.)
 

Attachments

  • Screenshot 2024-10-29 at 1.22.32 PM.png
    Screenshot 2024-10-29 at 1.22.32 PM.png
    17.3 KB · Views: 34
  • Screenshot 2024-10-29 at 1.20.30 PM.png
    Screenshot 2024-10-29 at 1.20.30 PM.png
    49 KB · Views: 32
Iwavvns

Iwavvns

macrumors 6502a
Dec 11, 2023
654
915
Earth
romanof said:
Since Macos is still BSD Unix underneath (mostly)…
Click to expand...
This reminds me of that thought experiment: if you have a boat and begin replacing parts as needed, how much can you replace before the boat is no longer the original boat?

Mac OS X started with BSD Unix, but I think that so much has been changed, and new pieces added, that is no longer the original boat.
 
  • Love
  • Like
Reactions: gank41 and gilby101
R

romanof

macrumors 6502
Original poster
Jun 13, 2020
361
387
Texas
Fishrrman said:
I DISABLE system integrity protection AND Gatekeeper "right out of the box" on all my Macs.
Don't need such things.

My Macs ran great before Apple introduced such nonsense.
They STILL run fine after I disable it...
Click to expand...
Yes, and I will probably do that. My surfing is minimal and text and messages come in on my phone. Most of my use is off line, especially now that I can run an LLM (Jan) locally. I almost never install new programs and the wifi is always turned off unless needed.
So the new security stuff is a PITA, but as I am gradually migrating actual work back to Linux, it matters less and less. (Actually, the "gradually" is rapidly changing to "Get the work moved!"
 
fisherking

fisherking

macrumors G4
Jul 16, 2010
11,249
5,559
ny somewhere
romanof said:
Yes, and I will probably do that. My surfing is minimal and text and messages come in on my phone. Most of my use is off line, especially now that I can run an LLM (Jan) locally. I almost never install new programs and the wifi is always turned off unless needed.
So the new security stuff is a PITA, but as I am gradually migrating actual work back to Linux, it matters less and less. (Actually, the "gradually" is rapidly changing to "Get the work moved!"
Click to expand...
easy.
 
n-evo

n-evo

macrumors 68000
Aug 9, 2013
1,904
1,716
Amsterdam
chabig said:
You can still run unnotarized apps. Go to System Setting > Privacy & Security and click the Open Anyway button to confirm your intent to open or install the app.
Click to expand...
Exactly. Works just fine albeit a bit more of a hassle. I had to look that up though before I realized it was there.
 
SnacksGU

SnacksGU

macrumors 6502
May 21, 2018
389
260
USA
chabig said:
You can still run unnotarized apps. Go to System Setting > Privacy & Security and click the Open Anyway button to confirm your intent to open or install the app.
Click to expand...
This option literally does not exist for me anymore...

I know others above me mentioned it exists for them.
 
n-evo

n-evo

macrumors 68000
Aug 9, 2013
1,904
1,716
Amsterdam
SnacksGU said:
This option literally does not exist for me anymore...
Click to expand...
Could be you have to scroll down in Privacy & Security first time I overlooked it too.

Maybe try removing the app > Restart your Mac > Redownload the app > Open and quit it > Immediately go to System Settings > Privacy & Security > scroll down. There should be an Allow x.app area there.

Open a Mac app from an unknown developer

If you try to open an app by an unknown developer and you see a warning dialog on your Mac, you can override your security settings to open it.
support.apple.com
 
Last edited:
SnacksGU

SnacksGU

macrumors 6502
May 21, 2018
389
260
USA
n-evo said:
Could be you have to scroll down in Privacy & Security first time I overlooked it too.

Maybe try removing the app > Restart your Mac > Redownload the app > Open and quit it > Immediately go to System Settings > Privacy & Security > scroll down. There should be an Allow x.app area there.

Open a Mac app from an unknown developer

If you try to open an app by an unknown developer and you see a warning dialog on your Mac, you can override your security settings to open it.
support.apple.com
Click to expand...
I will try again. I have installed from unknown developers several times (8-15 times in the past/history) with previous OS. Thanks
 
n-evo

n-evo

macrumors 68000
Aug 9, 2013
1,904
1,716
Amsterdam
I first ran into issues with XLD an audio encoder app. After launching it an "Open Anyway" button appeared under the "Security" header. After pressing it XLD launched without an issue.

I do find it annoying Apple is making us jump through hoops like this. The experienced user should be able to have more control over how the OS is handling this, as was the case with older macOS versions.
 
fisherking

fisherking

macrumors G4
Jul 16, 2010
11,249
5,559
ny somewhere
n-evo said:
I first ran into issues with XLD an audio encoder app. After launching it an "Open Anyway" button appeared under the "Security" header. After pressing it XLD launched without an issue.

I do find it annoying Apple is making us jump through hoops like this. The experienced user should be able to have more control over how the OS is handling this, as was the case with older macOS versions.
Click to expand...
this is not new, at all, for unsigned apps.

i installed XLD on an early sequoia beta, clicked 'open anyway', and now use the app regularly. hardly seems like jumping thru hoops, to once approve an app...
 
  • Like
Reactions: August West
SG-

SG-

macrumors regular
Jun 8, 2015
149
88
its still right there at the bottom of privacy and security after you try and launch an unsigned app. I personally used to feel the same as you when this entire thing started, but over the last few years I've personally switched and enjoy the defaults as an advanced user with all the recent Mac malware and Mac popularity gaining steam.

I really like how easy I can simply go to system prefs and quickly approve a single app going forward when I'm sure it's safe or my own unsigned compiled apps.
 
n-evo

n-evo

macrumors 68000
Aug 9, 2013
1,904
1,716
Amsterdam
fisherking said:
this is not new, at all, for unsigned apps.

i installed XLD on an early sequoia beta, clicked 'open anyway', and now use the app regularly. hardly seems like jumping thru hoops, to once approve an app...
Click to expand...
I was referring to the initial process.
 
Last edited:
B

BigBlur

macrumors 6502a
Jul 9, 2021
804
937
chabig said:
Yes. Keep going...

eclecticlight.co

Living with(out) notarization

Notarization is now obligatory for developers, but at the same time, we’re still able to run our own apps that aren’t notarized. Here’s how that works, and why.
eclecticlight.co eclecticlight.co
Click to expand...
That was a good read. I already knew about the "right-click > Open" thing needed to run some third-party apps, but probably would have fallen for this trick if an installer screen from a mounted disk appeared on my screen like this. How sneaky!

1730404836723.png

(Just to be clear, this is the installer screen. Not instructions to perform somewhere else.)
 
Last edited:
n-evo

n-evo

macrumors 68000
Aug 9, 2013
1,904
1,716
Amsterdam
fisherking said:
yes, a one-time thing. so simple...
Click to expand...
Per app, per Mac. Once you figure it out (I was used to right click > Open and honestly didn't know about the location in System Settings > Privacy & Security until macOS Sequoia) it isn't that big of deal. Agreed. However, this is the second thread I've come across where "Open Anyway" seemingly fails to show up in System Settings. I've had a similar thing happen in the past where other permissions wouldn't show up. So in that sense it's annoying that Apple is getting rid of alternate routes to achieve the same thing. I get their reasoning though.

I think it's too bad that Apple made the Mac App Store unaccessible the way they did. I installed Windows 11 the other day and pretty much everything is available in the Microsoft Store. Photoshop, InDesign, Firefox, Apple Music, you name it. The Mac App Store is just deserted in comparison, with so many apps missing. Having to download apps from external sources remains commonplace this way.

BigBlur said:
That was a good read. I already knew about the "right-click > Open" thing needed to run some third-party apps, but probably would have fallen for this trick if an installer screen from a mounted disk appeared on my screen like this. How sneaky!
Click to expand...
Sneaky indeed. They'll probably just update it with new instructions though.
 
Last edited:
B

BigBlur

macrumors 6502a
Jul 9, 2021
804
937
n-evo said:
Sneaky indeed. They'll probably just update it with new instructions though.
Click to expand...
I figured they'll probably update the instructions, but it wouldn't work as slick anymore and would hopefully throw red flags for the users. I would be thinking "I shouldn't need to go into Settings and do all this work to install/run an app." Though, someone who's not as familiar with Macs still probably wouldn't know any better.

I'm sure we've all seen legitimate installation disks that look something like the screenshot below after mounting them. They typically show the app icon and Applications folder, and you can just drag it right there inside that window for your convenience. (Some of us may have even accidentally ran the app from here.) Now imagine this window telling you to right-click the icon and open. That's what's going on in the article/screenshot above and was a great way to fool users because the right-click/context menu works on this screen. They didn't need to tell you to go somewhere else and do stuff. With the new way, they could still show the instructions, but it won't be as slick or sneaky.

1730427438684.png
 
Last edited:
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom